O. De Smet

Verification of a Timed Multitask System With Uppaal

System and program verification has been a large area of research since the introduction of computers in industrial systems. It is an especially important issue for critical systems, where errors can cause human and financial damages. Programmable Logic Controllers (PLCs) are now widely used in many industrial systems and verification of the corresponding programs has already been studied in various contexts for a few years, for the benefit of users and system designers. First restricted to an untimed setting, verification was recently extended to systems where quantitative constraints are needed, possibly related to time elapsing. For instance, timed features like TON (Timers ON delay), used in PLC programs, were modeled with timed automata, thus increasing the size of the verification problems addressed. In this framework, we propose the modeling and verification of a particular timed multitask PLC program, which is part of the so-called MSS (Mecatronic Standard System) platform from Bosch Group. In this case study, time aspects are combined with multitask programming, which raises questions related to the reaction time between the detection of a signal and the resulting event. Our model for station 2 of the MSS platform is a network of timed automata, including automata for the operative part and for the control program, which is first described in SFC then translated in Ladder Diagram. This model is constrained with atomicity hypotheses concerning program execution, and model checking of a reaction time property is performed with the tool UPPAAL.

Improving large-sized PLC programs verification using abstractions

This paper proposes a formal representation of logic controllers programs that is aiming at improving scalability of model-checking techniques, when verifying controllers extrinsic properties. This representation includes only the states which are meaningful for properties proof and minimizes the number of variables that feature each state. Comparison with previously proposed representations, on the basis of three increasing complexity examples, validates this representation and quantifies its efficiency.

Finding the bounds of response time of networked automation systems by iterative proofs

Response time of modern automation systems is not constant but is featured by a distribution of values; finding the upper and lower bounds of this distribution is a crucial issue when designing critical systems. This paper shows how to obtain these bounds by proving timed properties on a formal model of the system, in the form of communicating timed automata. In this approach, bounds are obtained by iterative proofs of properties which are expressed by means of a parametric observer. Comparison of analysis results of formal models to measures on real automation systems shows the accuracy and interest of this approach.

Verification of a timed multitask system with UPPAAL

Since it is an important issue for users and system designers, verification of PLC programs has already been studied in various contexts, mostly for untimed programs. More recently, timed features were introduced and modeled with timed automata. In this case study, we consider a part of the so-called MSS (mecatronic standard system) platform from Bosh group, a framework where time aspects are combined with multitask programming. Our model for station 2 of the MSS platform is a network of timed automata, including automata for the operative part and for the control program, written in Ladder Diagram. This model is constrained with atomicity hypotheses concerning program execution and model checking of a reaction time property is performed with the tool UPPAAL

Formal Verification: A Tool to Improve the Safety of Control Systems

Abstract The aim of this paper is to apply and adapt methods and formalisms from the computer science to the field of automation. It describes a method to enable formal verification of PLC programs written in the LD language (IEC 61131-3) . The principle of the method is to define an operational semantics for the language (description of the behavior of its primitives in terms of state automaton), to encode this definition using a symbolic model-checking tool and check if safety and liveness properties are held by the system. These properties are expressed using the LTL and CTL temporal logics.

Efficient representation for formal verification of time performances of networked automation architectures

Networked automation architectures with Ethernet-based fieldbuses instead of traditional fieldbuses are more and more often used in industry, even for critical systems such as chemical or nuclear power plants. The strong safety requirements of these processes impose to evaluate the time performances of these complex architectures. Formal verification techniques are promising solutions to reach this objective. Hence, this paper focuses on the applicability of formal verification techniques to check time performances. On the basis of a case study, it is shown how formal models of networked automation architectures which are simple enough to be checked by existing timed model-checkers while yielding meaningful results can be developed.